Small businesses need protection too.
In this era of connectivity, phishing scams can breach multinational companies and ransomware can hold data hostage. Damage can be fatal to medium and small businesses, but those same firms may lack the knowledge, and the funds, to fully protect themselves.
That's the space Houston-based SCIS Security aims to fill.
“Our primary clientele are SMBs [small and midsize businesses] that are in need of any security related operation including cyber and surveillance," says Dennis Chow, SCIS Security's chief information security officer.
1. Please describe your business does.
SCIS Security is a full stack security consulting and services group. We perform cybersecurity and surveillance-based operations aimed to be affordable for other small to medium sized businesses. Our primary reason for starting this type of "all things security" solutions for the small business is because we have been on the other end dealing with large vendors and consulting groups offering outrageous pricing to small businesses for a quick sale.
We opt for longterm relationships because cyber- and surveillance-based security isn't going away.
In fact, small businesses are among the highest risk entities to be compromised from a physical threat, and insider threat, or a cybersecurity attack. The industry needs to do better, and we're hoping to change that.
2. What hurdles have you overcome in running your business?
One of the major hurdles of our practice is overcoming the “new kid on the block" reputation that most clients have reservations over. As a security-focused consulting group, we had to leverage our key staff members' backgrounds and provide highly aligned demonstrations to really address those fears.
3. What are some of the biggest security mistakes small businesses make?
Usually, we find SMBs struggle with the fact that you can't solve security by buying a single device. Even worse, we find that many SMBs continue to utilize home office or consumer grade products not designed for actual security, like most of the things they buy in the networking section of a big box store. We also find that SMBs are not in compliance with federal or industry standards such as PCI DSS ( the government-mandated Payment Card Industry Data Security Standard) and HIPAA (the Health Insurance Portability and Accountability Act of 1996) regulations.
Finally, SMBs often don't see the value of security until it's too late, and we're cleaning up the mess for incident response, digital forensics or a breach response.
4. Why did you decide to target small businesses?
SMBs take up a large portion of the American economy. While the struggle for pushing security to these businesses take a while to soak in, it's a market that has much untapped potential. We're able to scale and keep our costs low so that SMBs can afford similar, if not better, levels of service and product in the security space. We feel that SMBs also get ripped off from big-box vendors quite a bit for some of the simplest solutions.
5. What are three things you couldn't live without?
1. Online advertising. In a world full of websites and mobile access, you need to ensure you have priority search result views.
2. Capable and caring employees. No business can sustain itself without excellent talent.
3. Open source software. Without those in the community contributing to a free and open collection of tools and integration APIs, it makes it difficult for small shops to develop enterprise-level operations.